@Adam Rosenfield:
I'm glad I wasn't the only one that thought that right away when reading this post.
Sure, they used a crappy *hash* that's been known weak since the 90s, but they still called crypt(), and didn't just store the passwords in the clear. This is the one huge failing that I can see.

This weekend, the Gawker network was compromised. This weekend we discovered that Gawker Media's servers were compromised, resulting in a security breach at Lifehacker, Gizmodo, Gawker, Jezebel, io9, Jalopnik, Kotaku, Deadspin, and Fleshbot. If you're a commenter on any of our sites, you prob...

Your solution (require login) seems to do the trick. Another very "analog" method that I use is to save my comment in the clipboard while I log in to such things. Seems like if the login was "ajaxy" you could just store the comment without passing it around though.

This is maddening. It seems like TypePad should be able to store my comment while they send me away to log in at myopenid, but instead, when I come back, I'm presented with a blank comment form. 90% of the time, I decide it's not worth the effort of recomposing my thoughts. I suppose that might ...